Title :
Inferring protocol state machine for binary communication protocol
Author :
Fanzhi Meng ; Yuan Liu ; Chunrui Zhang ; Tong Li ; Yang Yue
Author_Institution :
Inst. of Comput. Applic., Mianyang, China
Abstract :
Communication protocol reverse engineering has played an important role in the field of network security. Inferring protocol state machine for unknown protocol is a part of protocol specifications mining. This paper proposed a novel approach in the mining of unknown binary protocol state machine. It allows to automatically generating the state models for binary protocol by listening to network traces. We present a new methodology to align the corresponding fields and extract the state relevant fields from binary protocol communication traces, and then based on the state relevant fields to construct the protocol state model. The experimental results of ARP and TCP show that our approach is effective.
Keywords :
finite state machines; telecommunication networks; telecommunication security; transport protocols; ARP; TCP; binary communication protocol network; inferring protocol state machine; network security; protocol specification mining; Algorithm design and analysis; Clustering algorithms; Conferences; Matrices; Protocols; Reverse engineering; Security; binary communication protocol; protocol reverse; protocol state machine; state relevant fields;
Conference_Titel :
Advanced Research and Technology in Industry Applications (WARTIA), 2014 IEEE Workshop on
Conference_Location :
Ottawa, ON
DOI :
10.1109/WARTIA.2014.6976411
